DecryptContext first attempts to obtain the data key from the EncryptedKey stored in the MasterKey using OpenPGP, before falling back to GnuPG. When both attempts fail, an error is returned.
(ctx context.Context)
| 393 | // stored in the MasterKey using OpenPGP, before falling back to GnuPG. |
| 394 | // When both attempts fail, an error is returned. |
| 395 | func (key *MasterKey) DecryptContext(ctx context.Context) ([]byte, error) { |
| 396 | var errs errSet |
| 397 | |
| 398 | if !key.disableOpenPGP { |
| 399 | dataKey, openpgpErr := key.decryptWithOpenPGP() |
| 400 | if openpgpErr == nil { |
| 401 | log.WithField("fingerprint", key.Fingerprint).Info("Decryption succeeded") |
| 402 | return dataKey, nil |
| 403 | } |
| 404 | errs = append(errs, fmt.Errorf("github.com/ProtonMail/go-crypto/openpgp error: %w", openpgpErr)) |
| 405 | } |
| 406 | |
| 407 | dataKey, binaryErr := key.decryptWithGnuPG(ctx) |
| 408 | if binaryErr == nil { |
| 409 | log.WithField("fingerprint", key.Fingerprint).Info("Decryption succeeded") |
| 410 | return dataKey, nil |
| 411 | } |
| 412 | errs = append(errs, fmt.Errorf("GnuPG binary error: %w", binaryErr)) |
| 413 | |
| 414 | log.WithField("fingerprint", key.Fingerprint).Info("Decryption failed") |
| 415 | return nil, fmt.Errorf("could not decrypt data key with PGP key: %w", errs) |
| 416 | } |
| 417 | |
| 418 | // decryptWithOpenPGP attempts to obtain the data key from the EncryptedKey |
| 419 | // using OpenPGP and returns the result. |
no test coverage detected